You approve. PII is caught before a row moves.
rsync.ai is built for teams that have to trust a tool with production data. The design assumption is control, not autonomy: nothing syncs until you approve it, sensitive fields are handled before they ever leave the source, and the connector code is yours to read.
You approve before anything runs
rsync.ai never moves data on its own. It plans the sync, shows you the schema, sources, and PII rules, and waits for your approval at every critical step. The AI proposes; you decide what executes.
PII caught before a single row moves
Before any sync, rsync.ai scans every column for personal data — emails, phone numbers, IDs, addresses — and proposes a per-field action: mask, hash (SHA-256 or HMAC), drop, or pass-through. Your choices persist across every run, so sensitive fields are handled the same way every time.
Credentials encrypted, key you control
Source and destination credentials are AES-256 encrypted at rest with a key you control. They're used to run your pipelines and nothing else — never logged in plaintext, never shared.
Generation that refuses to guess
When rsync.ai generates a connector from an API's docs, it discovers the protocol, auth, and operations from public sources — and refuses to ship anything it couldn't verify. No silently-wrong connectors writing to your data.
Isolated by pipeline
Each pipeline runs in its own namespace, so one sync can't read or write another's tables. Destinations are schema-qualified, keeping every source's data cleanly separated.
Every run is traceable
Pipelines are durable Temporal workflows with OpenTelemetry tracing. You can see every run, every row count, and every error — and replay past runs from the event log when you need to audit what happened.
Source-available — and self-hostable from July 2026
rsync.ai's connector and pipeline code is source-available under the Elastic License 2.0, so your security team can read and audit exactly what runs against your data. From July 2026 you'll be able to run the full stack inside your own VPC with a single docker compose up, so source credentials, in-flight rows, and PII never leave your network. Until then, rsync.ai Cloud processes data under the safeguards above.
What we don't claim yet
rsync.ai is early. We haven't completed third-party attestations like SOC 2 or ISO 27001 — formal compliance and a detailed security whitepaper are on the path to general availability. If you need our full architecture review, data-flow diagrams, or a signed agreement to evaluate rsync.ai with production data, we'll walk your team through the specifics directly.